Method and device for establishing connection

ABSTRACT

A method and a device for establishing a connection. The method includes the steps of: obtaining, by a group member device of a wireless device group, information about a to-be-connected device and then sending the information to a group owner device of the wireless device group, and/or transmitting, by the group member device, information about the group owner device to the to-be-connected device, where the information about the to-be-connected device and/or the information about the group owner device is used by the to-be-connected device and the group owner device to discover each other; and enabling, by the group member device, the to-be-connected device and the group owner device to share a first password, wherein the first password is used by the to-be-connected device and the group owner device to establish a connection after the to-be-connected device and the group owner device discover each other.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of International Application No.PCT/CN2014/079074, filed on Jun. 3, 2014, which claims priority toChinese Patent Application No. 201310213744.7, filed on May 31, 2013,both of which are hereby incorporated by reference in their entireties.

TECHNICAL FIELD

The present disclosure relates to the field of communicationstechnologies, and in particular, to a method and a device forestablishing a connection.

BACKGROUND

Currently, with the development of communications technologies, WirelessFidelity (WiFi) functions become increasingly popular. WiFi peer to peer(P2P) may also be referred to as WiFi direct, and is a discovery andconnection protocol that belongs to social WiFi. With the use of a WiFiP2P technology, direct end-to-end discovery between friends or adjacentservices can still be implemented by using a WiFi function in theabsence of an infrastructure (a cellular network and a hotspot). Inother words, WiFi P2P requires neither a real-time connection to aserver, nor a communications infrastructure in any form; instead, a userdirectly implements end-to-end discovery and information interaction.

With the use of the WiFi P2P technology, discovery and connectionbetween devices mainly include the following steps: a scanning anddiscovery process; a group owner (GO) negotiation process afterdiscovery; a WiFi protected setup (WPS) authentication process; andassociation (a four-way handshake) and communication.

Devices scan for and discover each other by using WiFi. After thediscovery, a wireless device group needs to be established for thedevices. To establish the wireless device group, one device needs to actas a GO, so that a GO negotiation process is required. After the groupowner is determined through negotiation, the group owner authenticates adevice. After the authentication succeeds, the GO issues one credentialto the device, so that the device joins the wireless device group andbecomes a group member of the wireless device group. A process ofissuing a credential is a process of WPS authentication.

Based on WiFi P2P, after the wireless device group is established forthe devices, if a user wants to connect a new device of the user to thewireless device group, the user needs to first enable the new device toscan for and discover the GO by using WiFi, and then executes a processof WPS authentication with the GO. After the authentication iscompleted, the new device joins the wireless device group. However, inan established wireless device group, in addition to a GO, there aremany devices that have been associated with the GO. To join the wirelessdevice group, the new device needs to scan for and discover the GO, andthen executes a process of WPS authentication. During scanning anddiscovery, the user needs to confirm which device is the GO and oftenneeds to approach the GO to perform an operation. However, in manycases, the GO is unreachable by the user (for example, it isinconvenient for the user to approach the GO), or the user has no ideawhich specific device is the GO, so the user needs to make multipleattempts. Therefore, in the prior art, when a user connects a new deviceto an established wireless device group, an operating procedure iscomplex, and efficiency is low.

SUMMARY

Embodiments of the present disclosure provide a method and a device forestablishing a connection, to simplify an operating procedure ofconnecting a new device to an established wireless device group, therebyimproving connection efficiency.

To resolve the foregoing technical problem, the embodiments of thepresent disclosure disclose the following technical solutions.

According to a first aspect, a method for establishing a connection isprovided, where the method includes obtaining, by a group member deviceof a wireless device group, information about a to-be-connected deviceand then sending the information about the to-be-connected device to agroup owner device of the wireless device group, and/or transmitting, bythe group member device, information about the group owner device to theto-be-connected device, and enabling, by the group member device, theto-be-connected device and the group owner device to share a firstpassword, where the first password is used by the to-be-connected deviceand the group owner device to establish a connection after theto-be-connected device and the group owner device discover each other.

With reference to the first aspect, in a first possible implementationmanner of the first aspect, the method further includes establishing, bythe group member device in a short-distance communication manner, acommunication connection to the to-be-connected device; and based on thecommunication connection, obtaining, by the group member device, theinformation about the to-be-connected device and then sending theinformation about the to-be-connected device to the group owner device,and/or transmitting the information about the group owner device to theto-be-connected device.

With reference to the first possible implementation manner of the firstaspect, in a second possible implementation manner of the first aspect,the enabling, by the group member device, the to-be-connected device andthe group owner device to share a first password includes, based on thecommunication connection, obtaining, by the group member device, apassword of the to-be-connected device as the first password, andsending the first password to the group owner device, or, based on thecommunication connection, using, by the group member device, a passwordshared by the group member device and the group owner device as thefirst password, where the password shared by the group member device andthe group owner device is a password generated by the group memberdevice and then sent to the group owner device, or, is a passwordgenerated by the group owner device and then sent to the group memberdevice, and sending the first password to the to-be-connected device,or, based on the communication connection, performing, by the groupmember device, authentication configuration on the to-be-connecteddevice, where authentication configuration is a process of WPSauthentication configuration, after WPS authentication configurationsucceeds, sending credential information to the to-be-connected device,where the credential information includes the first password, andsending the first password to the group owner device.

With reference to the first aspect, in a third possible implementationmanner of the first aspect, the obtaining, by a group member device of awireless device group, information about a to-be-connected deviceincludes obtaining, by the group member device of the wireless devicegroup, the information about the to-be-connected device by scanning adynamic two-dimensional code pre-generated by the to-be-connecteddevice.

With reference to the first aspect the third possible implementationmanner of the first aspect, in a fourth possible implementation mannerof the first aspect, the enabling, by the group member device, theto-be-connected device and the group owner device to share a firstpassword includes obtaining, by the group member device, a dynamicpassword of the to-be-connected device by scanning the dynamictwo-dimensional code pre-generated by the to-be-connected device, andsending the dynamic password as the first password to the group ownerdevice, or, obtaining, by the group member device, a dynamic password ofthe to-be-connected device by scanning the dynamic two-dimensional codepre-generated by the to-be-connected device, executing, based on thedynamic password, a process of authentication configuration on theto-be-connected device, after authentication configuration succeeds,sending credential information to the to-be-connected device, where thecredential information includes the first password, and sending thefirst password to the group owner device.

An implementation process of the authentication configuration is, if thedynamic password is a symmetric key, the group member device executes aconfiguration process in an existing WPS standard on the to-be-connecteddevice, and sends credential information to the to-be-connected device,where the credential information includes the first password, or, thegroup member device newly generates a password through encryption of thedynamic password and then sends an encryption result to theto-be-connected device, and the password is used as the first password,or, the to-be-connected device newly generates a password throughencryption of the dynamic password and then sends an encryption resultto the group member device, and the password is used as the firstpassword; if the dynamic password is a public key of an asymmetric key,the group member device encrypts a password by using the public key andsends the encrypted password to the to-be-connected device, the passwordis used as the first password, and the to-be-connected device obtainsthe password through decryption by using a private key corresponding tothe public key, or, the group member device sends a public key of thegroup member device to the to-be-connected device, the group memberdevice retains a private key of the group member device, the groupmember device obtains a shared key through calculation by using a publickey of the to-be-connected device and the private key of the groupmember device and using the shared key as the first password, or uses aderivative key generated based on the shared key as the first password,and the to-be-connected device obtains the shared key throughcalculation by using the received public key of the group member deviceand a private key of the to-be-connected device and uses the shared keyas the first password, or uses the derivative key generated based on theshared key as the first password.

With reference to the first aspect, in a fifth possible implementationmanner of the first aspect, the group member device pre-generates adynamic two-dimensional code to be scanned by the to-be-connecteddevice, where the dynamic two-dimensional code includes the informationabout the group owner device.

With reference to the first aspect, or, with reference to the fifthpossible implementation manner of the first aspect, in a sixth possibleimplementation manner of the first aspect, the enabling, by the groupmember device, the to-be-connected device and the group owner device toshare a first password includes pre-generating, by the group memberdevice, the dynamic two-dimensional code to be scanned by theto-be-connected device, where the dynamic two-dimensional code includesa dynamic password, and the dynamic password is a dynamic key generatedby the group member device, and sending, by the group member device, thedynamic password as the first password to the group owner device, or,pre-generating, by the group member device, the dynamic two-dimensionalcode to be scanned by the to-be-connected device, where the dynamictwo-dimensional code includes a dynamic password, executing, based onthe dynamic password, a process of authentication configuration on theto-be-connected device, after authentication configuration succeeds,sending credential information to the to-be-connected device, where thecredential information includes the first password, and sending thefirst password to the group owner device, or executing, based on thedynamic password, a process of authentication configuration on theto-be-connected device, after authentication configuration succeeds,sending, by the to-be-connected device, credential information to thegroup member device, where the credential information includes the firstpassword, and sending the first password to the group owner device.

An implementation process of the authentication configuration is, if thedynamic password is a symmetric key, the group member device executes aconfiguration process in an existing WPS standard on the to-be-connecteddevice, and sends credential information to the to-be-connected device,where the credential information includes the first password, or, thegroup member device newly generates a password through encryption of thedynamic password and then sends an encryption result to theto-be-connected device, and the password is used as the first password,or, the to-be-connected device newly generates a password throughencryption of the dynamic password and then sends an encryption resultto the group member device, and the password is used as the firstpassword; if the dynamic password is a public key of an asymmetric key,the to-be-connected device encrypts a password by using the public keyand sends the encrypted password to the group member device, thepassword is used as the first password, and the group member deviceobtains the password through decryption by using a private keycorresponding to the public key, or, the to-be-connected device sends apublic key of the to-be-connected device to the group member device, theto-be-connected device retains a private key of the to-be-connecteddevice, the to-be-connected device obtains a shared key throughcalculation by using a public key of the group member device and theprivate key of the to-be-connected device and uses the shared key as thefirst password, or uses a derivative key generated based on the sharedkey as the first password, and the group member device obtains theshared key through calculation by using the received public key of theto-be-connected device and a private key of the group member device asthe first password, or uses the derivative key generated based on theshared key as the first password, or, the group member devicepre-generates a dynamic two-dimensional code to be scanned by theto-be-connected device, where a dynamic password included in the dynamictwo-dimensional code is a password generated by the group owner device,and the dynamic password is used as the first password, or, the groupmember device pre-generates a dynamic two-dimensional code to be scannedby the to-be-connected device, where a dynamic password included in thedynamic two-dimensional code is a password generated by the group ownerdevice, and the to-be-connected device and the group owner deviceperform authentication configuration based on the dynamic password, toobtain a shared key as the first password.

An implementation process of the authentication configuration is, if thedynamic password is a symmetric key, the group member device executes aconfiguration process in an existing WPS standard on the to-be-connecteddevice, and sends credential information to the to-be-connected device,where the credential information includes the first password, or, thegroup owner device newly generates a password through encryption of thedynamic password and then sends an encryption result to theto-be-connected device, and the password is used as the first password,or, the to-be-connected device newly generates a password throughencryption of the dynamic password and then sends an encryption resultto the group owner device, and the password is used as the firstpassword; if the dynamic password is a public key of an asymmetric key,the to-be-connected device encrypts a password by using the public keyand sends the encrypted password to the group owner device, the passwordis used as the first password, and the group owner device obtains thepassword through decryption by using a private key corresponding to thepublic key, or, the to-be-connected device sends a public key of theto-be-connected device to the group owner device, the to-be-connecteddevice retains a private key of the to-be-connected device, theto-be-connected device obtains a shared key through calculation by usinga public key of the group owner device and the private key of theto-be-connected device and uses the shared key as the first password, oruses a derivative key generated based on the shared key as the firstpassword, and the group owner device obtains the shared key throughcalculation by using the received public key of the to-be-connecteddevice and a private key of the group owner device and uses the sharedkey as the first password, or uses the derivative key generated based onthe shared key as the first password.

With reference to the first aspect, in a seventh possible implementationmanner of the first aspect, the obtaining, by a group member device of awireless device group, information about a to-be-connected deviceincludes collecting, by the group member device of the wireless devicegroup, a static two-dimensional code of the to-be-connected device, andobtaining the information about the to-be-connected device from thestatic two-dimensional code of the to-be-connected device.

With reference to the seventh possible implementation manner of thefirst aspect, in an eighth possible implementation manner of the firstaspect, the enabling, by the group member device, the to-be-connecteddevice and the group owner device to share a first password includesextracting, by the group member device, a password from the statictwo-dimensional code as the first password, and sending the firstpassword to the group owner device, or, extracting, by the group memberdevice, a password from the static two-dimensional code, executing,based on the password, a process of authentication configuration on theto-be-connected device, after authentication configuration succeeds,sending credential information to the to-be-connected device, where thecredential information includes the first password, and sending thefirst password to the group owner device.

An implementation process of the authentication configuration is, if thepassword is a symmetric key, the group member device executes aconfiguration process in an existing WPS standard on the to-be-connecteddevice, and sends credential information to the to-be-connected device,where the credential information includes the first password, or, thegroup member device newly generates a password through encryption of thepassword and then sends an encryption result to the to-be-connecteddevice, and the password is used as the first password, or, theto-be-connected device newly generates a password through encryption ofthe password and then sends an encryption result to the group memberdevice, and the password is used as the first password; if the passwordis a public key of an asymmetric key, the group owner device encrypts apassword by using the public key and sends the encrypted password to theto-be-connected device, the password is used as the first password, andthe to-be-connected device obtains the password through decryption byusing a private key corresponding to the public key, or, the groupmember device sends a public key of the group member device to theto-be-connected device, the group member device retains a private key ofthe group member device, the group member device obtains a shared keythrough calculation by using a public key of the group member device andthe private key of the group member device and uses the shared key asthe first password, or uses a derivative key generated based on theshared key as the first password, and the to-be-connected device obtainsthe shared key through calculation by using the received public key ofthe group member device and a private key of the to-be-connected deviceand uses the shared key as the first password, or uses the derivativekey generated based on the shared key as the first password.

With reference to the first aspect, in a ninth possible implementationmanner of the first aspect, the obtaining, by a group member device of awireless device group, information about a to-be-connected device andthen sending the information about the to-be-connected device to a groupowner device of the wireless device group, and/or transmitting, by thegroup member device, information about the group owner device to theto-be-connected device includes collecting, by the group member deviceof the wireless device group, a personal identification number (PIN)code of the to-be-connected device; scanning for and discovering, by thegroup member device, the to-be-connected device according to informationabout the PIN code; and after the group member device scans for anddiscovers the to-be-connected device, obtaining, by the group memberdevice, the information about the to-be-connected device and sending theinformation about the to-be-connected device to the group owner device,and/or transmitting, by the group member device, the information aboutthe group owner device to the to-be-connected device.

With reference to the ninth possible implementation manner of the firstaspect, in a tenth possible implementation manner of the first aspect,the enabling, by the group member device, the to-be-connected device andthe group owner device to share a first password includes extracting, bythe group member device, a password from the PIN code as the firstpassword, and sending the first password to the group owner device, or,extracting, by the group member device, a password from the PIN code,executing, based on the password, a process of WPS authenticationconfiguration on the to-be-connected device, after WPS authenticationconfiguration succeeds, sending credential information to theto-be-connected device, where the credential information includes thefirst password, and sending the first password to the group ownerdevice.

With reference to the first aspect, in an eleventh possibleimplementation manner of the first aspect, the obtaining, by a groupmember device of a wireless device group, information about ato-be-connected device and then sending the information about theto-be-connected device to a group owner device of the wireless devicegroup, and/or transmitting, by the group member device, informationabout the group owner device to the to-be-connected device includescollecting, by the to-be-connected device, a static two-dimensional codeor a PIN code of the group member device; scanning for and discovering,by the to-be-connected device, the group member device based on thestatic two-dimensional code or the PIN code; and after theto-be-connected device scans for and discovers the group member device,obtaining, by the group member device, the information about theto-be-connected device and then sending the information about theto-be-connected device to the group owner device, and/or transmitting,by the group member device, the information about the group owner deviceto the to-be-connected device.

With reference to the eleventh possible implementation manner of thefirst aspect, in a twelfth possible implementation manner of the firstaspect, the enabling, by the group member device, the to-be-connecteddevice and the group owner device to share a first password includesusing, by the group member device, a password in the statictwo-dimensional code or a password in the PIN code as the firstpassword, and sending the first password to the group owner device, or,executing, based on the password in the static two-dimensional code orthe password in the PIN code, a process of authentication configurationon the to-be-connected device, after authentication configurationsucceeds, sending credential information to the to-be-connected device,where the credential information includes the first password, andsending the first password to the group owner device.

An implementation process of the authentication configuration may be, ifthe password is a symmetric key, the group member device executes aconfiguration process in an existing WPS standard on the to-be-connecteddevice, and sends credential information to the to-be-connected device,where the credential information includes the first password, or, thegroup member device newly generates a password through encryption of thepassword and then sends an encryption result to the to-be-connecteddevice, and the password is used as the first password, or, after theto-be-connected device newly generates a password through encryption ofthe password and then sends an encryption result to the group memberdevice, and the password is used as the first password; if the passwordis a public key of an asymmetric key, the to-be-connected deviceencrypts a password by using the public key and sends the encryptedpassword to the group member device, the password is used as the firstpassword, and the group member device obtains the password throughdecryption by using a private key corresponding to the public key, or,the to-be-connected device sends a public key of the to-be-connecteddevice to the group member device, the to-be-connected device retains aprivate key of the to-be-connected device, the to-be-connected deviceobtains a shared key through calculation by using a public key of thegroup member device and the private key of the to-be-connected deviceand uses the shared key as the first password, or uses a derivative keygenerated based on the shared key as the first password, and the groupmember device obtains the shared key through calculation by using thereceived public key of the to-be-connected device and a private key ofthe group member device and uses the shared key as the first password,or uses the derivative key generated based on the shared key as thefirst password.

With reference to any one of the first to the twelfth possibleimplementation manners of the first aspect, in a thirteenth possibleimplementation manner of the first aspect, the first password is used asa password required by the to-be-connected device and the group ownerdevice to execute a process of authentication configuration, or, thefirst password is used as a password required by the to-be-connecteddevice and the group owner device to execute a process of handshakecommunication.

With reference to any one of the first to the thirteenth possibleimplementation manners of the first aspect, in a fourteenth possibleimplementation manner of the first aspect, the method further includesthe following step: enabling, by at least one another group memberdevice, the to-be-connected device and the group owner device to share asecond password, where the first password and the second password areboth used as passwords required by the to-be-connected device and thegroup owner device to execute a process of authentication configuration,or, the first password and the second password are both used aspasswords required by the to-be-connected device and the group ownerdevice to execute a process of handshake communication.

According to a second aspect, a method for establishing a connection isprovided, where the method includes sending, by a to-be-connecteddevice, information about the to-be-connected device to a group ownerdevice of a wireless device group by using a group member device of thewireless device group, and/or obtaining, by the to-be-connected device,information about the group owner device by using the group memberdevice, where the information about the to-be-connected device and/orthe information about the group owner device is used by theto-be-connected device and the group owner device to discover eachother; and sharing, by the to-be-connected device, a first password withthe group owner device by using the group member device, where the firstpassword is used by the to-be-connected device and the group ownerdevice to establish a connection after the to-be-connected device andthe group owner device discover each other.

With reference to the second aspect, in a first possible implementationmanner of the second aspect, the method further includes establishing,by the to-be-connected device in a short-distance communication manner,a communication connection to the group member device; and based on thecommunication connection, sending, by the to-be-connected device, theinformation about the to-be-connected device to the group owner deviceby using the group member device, and/or obtaining, by theto-be-connected device, the information about the group owner device byusing the group member device.

With reference to the first implementation manner of the second aspect,in a second possible implementation manner of the second aspect, thesharing, by the to-be-connected device, a first password with the groupowner device by using the group member device includes, based on thecommunication connection, sending, by the to-be-connected device, apassword of the to-be-connected device as the first password to thegroup owner device by using the group member device, or, based on thecommunication connection, receiving, by the to-be-connected device, apassword shared by the group member device and the group owner deviceand sent by the group member device, and using the received password asthe first password, or, based on the communication connection,executing, by the to-be-connected device, a process of authenticationconfiguration on the group member device, and after authenticationconfiguration succeeds, receiving credential information sent by thegroup member device, where the credential information includes the firstpassword, where the first password is further sent by the group memberdevice to the group owner device.

With reference to the first or the second implementation manner of thesecond aspect, in a third possible implementation manner of the secondaspect, the method further includes the following step: sharing, by theto-be-connected device, a second password with the group owner device byusing at least one another group member device, where the first passwordand the second password are both used as passwords required by theto-be-connected device and the group owner device to execute a processof authentication configuration, or, the first password and the secondpassword are both used as passwords required by the to-be-connecteddevice and the group owner device to execute a process of handshakecommunication.

According to a third aspect, a device for establishing a connection isprovided, where the device includes an information transmission unit anda password sharing unit, where the information transmission unit isconfigured to obtain information about a to-be-connected device and thensend the information about the to-be-connected device to a group ownerdevice of the wireless device group, and/or transmit information aboutthe group owner device to the to-be-connected device, where theinformation about the to-be-connected device and/or the informationabout the group owner device is used by the to-be-connected device andthe group owner device to discover each other; and the password sharingunit is configured to enable the to-be-connected device and the groupowner device to share a first password, where the first password is usedby the to-be-connected device and the group owner device to establish aconnection after the to-be-connected device and the group owner devicediscover each other.

With reference to the third aspect, in a first possible implementationmanner of the third aspect, the information transmission unit isconfigured to establish, in a short-distance communication manner, acommunication connection to the to-be-connected device, based on thecommunication connection, obtain the information about theto-be-connected device and then sends the information about theto-be-connected device to the group owner device, and/or transmit theinformation about the group owner device to the to-be-connected device.

With reference to the first implementation manner of the third aspect,in a second possible implementation manner of the third aspect, thepassword sharing unit is configured to, based on the communicationconnection, obtain a password of the to-be-connected device as the firstpassword, and send the first password to the group owner device, or,based on the communication connection, use a password shared by thepassword sharing unit with the group owner device as the first password,and send the first password to the to-be-connected device, or, based onthe communication connection, execute a process of authenticationconfiguration on the to-be-connected device, after authenticationconfiguration succeeds, send credential information to theto-be-connected device, where the credential information includes thefirst password, and send the first password to the group owner device.

With reference to the third aspect, in a third possible implementationmanner of the third aspect, the information transmission unit isconfigured to obtain the information about the to-be-connected device byscanning a dynamic two-dimensional code pre-generated by theto-be-connected device.

With reference to the third implementation manner of the third aspect,in a fourth possible implementation manner of the third aspect, theinformation transmission unit is further configured to obtain a dynamicpassword of the to-be-connected device by scanning the dynamictwo-dimensional code pre-generated by the to-be-connected device; andthe password sharing unit is configured to send the dynamic password asthe first password to the group owner device, or, execute, based on thedynamic password, a process of authentication configuration on theto-be-connected device, after authentication configuration succeeds,send credential information to the to-be-connected device, where thecredential information includes the first password, and send the firstpassword to the group owner device.

With reference to the third aspect, in a fifth possible implementationmanner of the third aspect, the information transmission unit isconfigured to pre-generate a dynamic two-dimensional code to be scannedby the to-be-connected device, where the dynamic two-dimensional codeincludes the information about the group owner device.

With reference to the fifth implementation manner of the third aspect,in a sixth possible implementation manner of the third aspect, thedynamic two-dimensional code further includes a dynamic password; andthe password sharing unit is configured to send the dynamic password asthe first password to the group owner device, or, execute, based on thedynamic password, a process of authentication configuration on theto-be-connected device, after authentication configuration succeeds,send credential information to the to-be-connected device, where thecredential information includes the first password, and send the firstpassword to the group owner device.

With reference to the third aspect, in a seventh possible implementationmanner of the third aspect, the information transmission unit isconfigured to collect a static two-dimensional code of theto-be-connected device, and obtain the information about theto-be-connected device from the static two-dimensional code of theto-be-connected device.

With reference to the seventh implementation manner of the third aspect,in an eighth possible implementation manner of the third aspect, thepassword sharing unit is configured to extract a password from thestatic two-dimensional code as the first password, and send the firstpassword to the group owner device, or, extract a password from thestatic two-dimensional code, execute, based on the password, a processof authentication configuration on the to-be-connected device, afterauthentication configuration succeeds, send credential information tothe to-be-connected device, where the credential information includesthe first password, and send the first password to the group ownerdevice.

With reference to the third aspect, in a ninth possible implementationmanner of the third aspect, the information transmission unit isconfigured to collect a PIN code of the to-be-connected device, scan forand discover the to-be-connected device according to information aboutthe PIN code, and after the information transmission unit scans for anddiscover the to-be-connected device, obtain the information about theto-be-connected device and then send the information about theto-be-connected device to the group owner device, and/or transmit theinformation about the group owner device to the to-be-connected device.

With reference to the ninth implementation manner of the third aspect,in a tenth possible implementation manner of the third aspect, thepassword sharing unit is configured to extract a password from the PINcode as the first password, and send the first password to the groupowner device, or, execute, based on the password, a process ofauthentication configuration on the to-be-connected device, afterauthentication configuration succeeds, send credential information tothe to-be-connected device, where the credential information includesthe first password, and send the first password to the group ownerdevice.

With reference to the third aspect, in an eleventh possibleimplementation manner of the third aspect, the information transmissionunit is configured to enable the to-be-connected device to scan for anddiscover a proxy device by collecting, by the to-be-connected device, astatic two-dimensional code or a PIN code of a proxy device, and afterthe to-be-connected device scans for and discovers the proxy device,obtain the information about the to-be-connected device and then sendthe information about the to-be-connected device to the group ownerdevice, and/or transmit the information about the group owner device tothe to-be-connected device.

With reference to the eleventh implementation manner of the thirdaspect, in a twelfth possible implementation manner of the third aspect,the password sharing unit is configured to use a password in the statictwo-dimensional code or the PIN code as the first password, and send thefirst password to the group owner device, or, execute, based on thepassword in the static two-dimensional code or the PIN code, a processof authentication configuration on the to-be-connected device, afterauthentication configuration succeeds, send credential information tothe to-be-connected device, where the credential information includesthe first password, and send the first password to the group ownerdevice.

According to a fourth aspect, a device for establishing a connection isprovided, where the device includes a communications unit and a passwordsharing unit, where the communications unit is configured to sendinformation about a to-be-connected device to a group owner device of awireless device group by using a group member device of the wirelessdevice group, and/or obtain information about the group owner device byusing the group member device, where the information about theto-be-connected device and/or the information about the group ownerdevice is used by the to-be-connected device and the group owner deviceto discover each other; and the password sharing unit is configured toshare a first password with the group owner device by using the groupmember device, where the first password is used by the to-be-connecteddevice and the group owner device to establish a connection after theto-be-connected device and the group owner device discover each other.

With reference to the fourth aspect, in a first possible implementationmanner of the fourth aspect, the communications unit is configured toestablish, in a short-distance communication manner, a communicationconnection to the group member device, based on the communicationconnection, send information about the communications unit to the groupowner device by using the group member device, and/or obtain theinformation about the group owner device by using the group memberdevice.

With reference to the first implementation manner of the fourth aspect,in a second possible implementation manner of the fourth aspect, thepassword sharing unit is further configured to, based on thecommunication connection, send a password of the password sharing unitas the first password to the group owner device by using the groupmember device, or, based on the communication connection, receive apassword shared by the group member device and the group owner deviceand sent by the group member device, and use the received password asthe first password, or, based on the communication connection, execute aprocess of authentication configuration on the group member device, andafter authentication configuration succeeds, receive credentialinformation sent by the group member device, where the credentialinformation includes the first password, where the first password isfurther sent by the group member device to the group owner device.

With reference to any one of the first and the second implementationmanners of the fourth aspect, in a third possible implementation mannerof the fourth aspect, the password sharing unit is further configured toshare a second password with the group owner device by using at leastone another group member device, where the first password and the secondpassword are both used as passwords required by the to-be-connecteddevice and the group owner device to execute a process of authenticationconfiguration, or, the first password and the second password are bothused as passwords required by the to-be-connected device and the groupowner device to execute a process of handshake communication.

According to the method and the device for establishing a connectionthat are provided by the embodiments of the present disclosure, a groupmember device of a wireless device group obtains information about ato-be-connected device and then sends the information about theto-be-connected device to a group owner device of the wireless devicegroup, and/or the group member device transmits information about thegroup owner device to the to-be-connected device, where the informationabout the to-be-connected device and/or the information about the groupowner device is used by the to-be-connected device and the group ownerdevice to discover each other, and the group member device enables theto-be-connected device and the group owner device to share a firstpassword, where the first password is used by the to-be-connected deviceand the group owner device to establish a connection, so that theto-be-connected device and the group owner device more quickly completea discovery and authentication process, which simplifies an operatingprocedure of connecting a new device to an established wireless devicegroup, thereby improving connection efficiency.

BRIEF DESCRIPTION OF THE DRAWINGS

To describe the technical solutions in the embodiments of the presentdisclosure more clearly, the following briefly introduces theaccompanying drawings required for describing the embodiments. Theaccompanying drawings in the following description show some embodimentsof the present disclosure, and a person of ordinary skill in the art maystill derive other drawings from these accompanying drawings withoutcreative efforts.

FIG. 1 is a flowchart of a method for establishing a connectionaccording to the present disclosure;

FIG. 2 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 1 of the present disclosure;

FIG. 3 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 2 of the present disclosure;

FIG. 4 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 3 of the present disclosure;

FIG. 5 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 4 of the present disclosure;

FIG. 6 is a schematic structural diagram of modules of a device forestablishing a connection according to Embodiment 5 of the presentdisclosure;

FIG. 7 is a schematic structural diagram of modules of a device forestablishing a connection according to Embodiment 6 of the presentdisclosure;

FIG. 8 is a flowchart of a method for establishing a connectionaccording to Embodiment 11 of the present disclosure;

FIG. 9 is a schematic structural diagram of modules of a device forestablishing a connection according to Embodiment 12 of the presentdisclosure;

FIG. 10 is a structural diagram of a proxy device based on a computersystem according to an embodiment of the present disclosure; and

FIG. 11 is a structural diagram of a to-be-connected device based on acomputer system according to an embodiment of the present disclosure.

DETAILED DESCRIPTION

To make the objectives, technical solutions, and advantages of theembodiments of the present disclosure clearer, the following clearlydescribes the technical solutions in the embodiments of the presentdisclosure with reference to the accompanying drawings in theembodiments of the present disclosure. The described embodiments are apart rather than all of the embodiments of the present disclosure. Allother embodiments obtained by a person of ordinary skill in the artbased on the embodiments of the present disclosure without creativeefforts shall fall within the protection scope of the presentdisclosure.

A two-dimensional code in the present disclosure may be dynamic orstatic, or may be a two-dimensional code in another form, and isdetermined as required.

FIG. 1 is a flowchart of a method for establishing a connectionaccording to the present disclosure, and as shown in FIG. 1, the methodincludes the following steps.

110: A group member device of a wireless device group obtainsinformation about a to-be-connected device and then sends theinformation about the to-be-connected device to a group owner device ofthe wireless device group.

The wireless device group includes the group owner device and the groupmember device, and may be a wireless local area network with a centralnode, such as a basic service set (BSS) network, a P2P network, or asmart grid.

The group owner device is a central node device of the wireless localarea network, and may be an access point (AP) of a BSS network, or a GOof a P2P network. For a local network formed based on configuration, agroup owner device is an AP with an external registrar, the AP and theexternal registrar are together referred to as the group owner device,and the external registrar completes an authentication function, or, thegroup owner device is an AP with a built-in registrar.

The group member device is a device that has established a connection tothe group owner device.

120: The group member device transmits the information about the groupowner device to the to-be-connected device.

130: The group member device enables the to-be-connected device and thegroup owner device to share a first password, where the first passwordis used by the to-be-connected device and the group owner device toestablish a connection.

The information about the to-be-connected device and/or the informationabout the group owner device is used by the to-be-connected device andthe group owner device to discover each other, and step 110 and step 120are not necessarily both performed, but at least one of step 110 andstep 120 is performed.

According to the method described in the present disclosure, a groupmember device that has established a connection to a group owner devicein a wireless device group is used as a proxy device, to sendinformation about a to-be-connected device to the group owner device,or, send information about the group owner device to the to-be-connecteddevice, and send the first password to the group owner device after thefirst password is shared with the to-be-connected device, so that theto-be-connected device and the group owner device more quickly completediscovery of each other and authentication configuration, whichsimplifies an operating procedure of connecting a new device to anestablished wireless device group, thereby improving connectionefficiency.

The following further describes specific implementation manners of thepresent disclosure in detail with reference to the accompanying drawingsand the embodiments. The following embodiments are used to describe thepresent disclosure, but are not used to limit the scope of the presentdisclosure.

Embodiment 1

FIG. 2 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 1 of the present disclosure. In this embodiment,the group member device may communicate with the to-be-connected devicein a near field communication (NFC) manner. NFC is both a short-distancecommunication method and a short-range high frequency wirelesscommunications technology, and allows electronic devices to exchangedata with each other (within ten centimeters) by performing non-contactpoint-to-point data transmission. In addition, the solution in thisembodiment may also be implemented in a short-distance WiFi manner, andan implementation method of the short-distance WiFi manner is basicallythe same as that of the NFC manner, and is not separately describedagain.

Referring to FIG. 2, the method includes the following steps.

200: A group member device establishes a communication connection to ato-be-connected device in an NFC manner. An NFC card is disposed in thegroup member device and the to-be-connected device each, and when thegroup member device and the to-be-connected device come in contactwithin a short distance, both automatically establish a communicationconnection by using the respective NFC cards. After the communicationconnection is established, the group member device first sends roleinformation of the group member device to the to-be-connected device,and the to-be-connected device may know, according to the roleinformation, that the currently connected device is not a group ownerdevice, and executes the following procedure. If the device connected tothe to-be-connected device is the group owner device, an existingprocessing procedure is executed, which is not a key point of thepresent disclosure, and is not described again.

201: The group member device obtains information about theto-be-connected device and then sends the information about theto-be-connected device (which corresponds to 201 a and 201 b in FIG. 2)to the group owner device. The information about the to-be-connecteddevice includes a device identifier of the to-be-connected device, forexample, a hardware address, that is, a Media Access Control (MAC)address. Optionally, the information about the to-be-connected devicemay further include one or more of the following: an interface address,a P2P capacity parameter, an operating channel, a supportedauthentication manner, configuration timeout (where if configuration isnot completed within a time, a configuration process becomes invalid),invitation flags, a group identification (ID) (P2P Group basic serviceset identification (BSSID)), a channel list, P2P device information (P2PDevice Info), a configuration method, a status, a public key of adevice, a public key hash value (public key hash) of a device, a WiFisimple configuration (WSC) parameter (WiFi simple configuration element(WSC IE), a P2P parameter (P2P IE), and the like.

202: The group member device transmits information about the group ownerdevice to the to-be-connected device. The information about the groupowner device includes an identifier of the group owner device, forexample, a hardware address, that is, a MAC address. Optionally, theinformation about the group owner device may further include one or moreof the following: an interface address, a P2P capacity parameter, anoperating channel, a supported authentication manner, configurationtimeout (where if configuration is not completed within a time, aconfiguration process becomes invalid), invitation flags, a group ID(P2P Group BSSID), a channel list, P2P device information, aconfiguration method, a status, a public key of a device, a public keyhash value of a device, a WSC parameter (WSC IE), a P2P parameter (P2PIE), and the like.

203: The group member device enables the to-be-connected device and thegroup owner device to share a first password.

In this step, the group member device may obtain, based on thecommunication connection, a password of the to-be-connected device asthe first password, and send the first password to the group ownerdevice; or, based on the communication connection, the group memberdevice uses a password shared by the group member device and the groupowner device as the first password, and sends the first password to theto-be-connected device, and further optionally, the group member devicemay send the first password to the group owner device, where thepassword shared by the group member device and the group owner devicemay be pre-generated by the group member device and then sent to thegroup owner device, or may be pre-generated by the group owner deviceand then sent to the group member device; or, based on the communicationconnection, the group member device executes a process of authenticationconfiguration on the to-be-connected device, after authenticationconfiguration succeeds, sends credential information to theto-be-connected device, where the credential information includes apassword used by the to-be-connected device and the group owner deviceto perform authentication (for example, WPS authentication or a four-wayhandshake or both), uses the password as the first password, and sendsthe first password to the group owner device, where when executing theprocess of authentication configuration on the to-be-connected device,the group member device may use a password shared by the group memberdevice and the group owner device or another password as an initialpassword required by the configuration process.

Optionally, before the sending the first password to the group ownerdevice, the method may further include the following steps: during theprocess of authentication configuration, the group member devicegenerates a public key and a public key hash value of the group memberdevice, sends the public key and the public key hash value of the groupmember device to the to-be-connected device, and receives a notificationof a hash authentication result obtained by the to-be-connected deviceaccording to the public key and the public key hash value of the groupmember device, and if hash authentication succeeds, the group memberdevice performs the step of sending the first password to the groupowner device; if hash authentication fails, ends the procedure; or, thegroup member device receives a public key and a public key hash value ofthe to-be-connected device that are generated by the to-be-connecteddevice during the process of authentication configuration, performs hashauthentication according to the public key and the public key hash valueof the to-be-connected device, and if hash authentication succeeds, thegroup member device performs the step of sending the first password tothe group owner device; if hash authentication fails, ends theprocedure.

204: The to-be-connected device scans for and discovers the group ownerdevice based on the information about the group owner device, or thegroup owner device scans for and discovers the to-be-connected devicebased on the information about the to-be-connected device.

One of steps 201 and 202 may be selected to be performed, or both ofsteps 201 and 202 may be performed. When step 201 is selected to beperformed, step 204 is the group owner device scans for and discoversthe to-be-connected device based on the information about theto-be-connected device; when step 202 is selected to be performed, step204 is the to-be-connected device scans for and discovers the groupowner device based on the information about the group owner device; whenboth of steps 201 and 202 are performed, because the to-be-connecteddevice and the group owner device already have the information abouteach other, and the to-be-connected device and the group owner devicehave discovered each other, step 204 may be omitted.

205: The group owner device executes a process of authenticationconfiguration on the to-be-connected device.

The first password may be used as an initial password for executing theprocess of authentication configuration in this step, and afterauthentication configuration ends, a new password is obtained, where thenew password is used for a four-way handshake in the following step 206.In addition, the first password may be directly used for the four-wayhandshake in the following step 206, and in this case, step 205 may beomitted.

206: The group owner device and the to-be-connected device perform afour-way handshake, and after the four-way handshake is completed, thegroup owner device and the to-be-connected device successfully establisha connection.

Embodiment 2

FIG. 3 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 2 of the present disclosure. A differencebetween this embodiment and Embodiment 1 includes a group member devicecommunicates with a to-be-connected device by using a dynamictwo-dimensional code. A two-dimensional barcode/two-dimensional coderecords data symbol information by using a pepper-and-salt pattern inwhich geometric patterns of a specific type are distributed on a plane(in a two-dimensional direction) according to a rule. In coding, aconcept of “0” and “1” bit streams that constitute an internal logicbasis of a computer is skillfully utilized, several geometric shapescorresponding to a binary system are used to represent text andnumerical value information, and automatic information processing isimplemented through automatic reading by using an image input device oran optoelectronic scanning device. The two-dimensionalbarcode/two-dimensional code has some commonalities with a barcodetechnology: each code system has a specific character set; eachcharacter occupies a width; the two-dimensional barcode/two-dimensionalcode has a check function, and so on. In addition, it further has afunction of automatically identifying information in different lines,and a characteristic such as rotation and changes of a processedpattern.

A dynamic two-dimensional code, for example, a Quick Response (QR) codecan store more data than a common barcode, has a very low requirementduring scanning, and does not require linear alignment with a scannerlike during scanning of a common barcode. A QR code may dynamicallystore in real time large-capacity content such as business cardinformation, including WIFI ACCESS, a document, a number, a website, andthe like. The QR code is increasingly applied in fields such ase-commerce, check-in, anti-counterfeiting, and the like. A form of theQR code may be quite different from a square box that is usually blackand white colors and monotonous, and many interesting and lively QRtwo-dimensional codes may be produced.

Referring to FIG. 3, in this figure, a group member device obtainsinformation about a to-be-connected device by scanning a dynamictwo-dimensional code pre-generated by the to-be-connected device. Themethod includes the following steps.

301: A group member device of a wireless device group obtainsinformation about a to-be-connected device by scanning a dynamictwo-dimensional code pre-generated by the to-be-connected device, andsends the information about the to-be-connected device (whichcorresponds to 301 a and 301 b in FIG. 3) to a group owner device of thewireless device group.

The to-be-connected device pre-generates the dynamic two-dimensionalcode according to a user instruction, where the dynamic two-dimensionalcode may include the information about the to-be-connected device and adynamic password.

302: The group member device enables the to-be-connected device and thegroup owner device to share a first password.

The group member device obtains a dynamic password of theto-be-connected device by scanning the dynamic two-dimensional codepre-generated by the to-be-connected device, and sends the dynamicpassword as the first password to the group owner device, or, the groupmember device executes, based on the dynamic password of theto-be-connected device, a process of authentication configuration on theto-be-connected device, after authentication configuration succeeds,sends credential information to the to-be-connected device, where thecredential information includes a password used by the to-be-connecteddevice and the group owner device to perform authentication (forexample, WPS authentication and/or a four-way handshake), uses thepassword as the first password, and sends the first password to thegroup owner device.

303: The group owner device scans for and discovers the to-be-connecteddevice.

In this step of this embodiment, the group owner device has theinformation about the to-be-connected device, and the to-be-connecteddevice does not have information about the group owner device.Therefore, mainly the group owner device scans for and discovers theto-be-connected device (sends a probe response to the to-be-connecteddevice), and finally the to-be-connected device and the group ownerdevice discover each other.

304: The group owner device executes a process of WPS authenticationconfiguration on the to-be-connected device.

The first password may be used as an initial password for executing theprocess of WPS authentication configuration in this step, and after theWPS authentication configuration ends, a new password is obtained, wherethe new password is used for a four-way handshake in the following step305. In addition, the first password may be directly used for thefour-way handshake in the following step 305, and in this case, step 304may be omitted.

305: The group owner device and the to-be-connected device perform afour-way handshake.

In addition, in another embodiment of the present disclosure, when theto-be-connected device scans a dynamic two-dimensional code of the groupmember device, the method includes the following steps.

301′: The group member device pre-generates the dynamic two-dimensionalcode to be scanned by the to-be-connected device, where the dynamictwo-dimensional code includes the information about the group ownerdevice and a dynamic password.

The group member device pre-generates the dynamic two-dimensional codeaccording to a user instruction, where the dynamic two-dimensional codeincludes the information about the group owner device and a dynamicpassword of the group member device. By using this step, the groupmember device transmits the information about the group owner device tothe to-be-connected device.

302′: The group member device enables the to-be-connected device and thegroup owner device to share a first password.

The group member device sends the dynamic password of the group memberdevice as the first password to the group owner device, or, the groupmember device executes, based on the dynamic password of the groupmember device, a process of WPS authentication configuration on theto-be-connected device, after WPS authentication configuration succeeds,sends credential information to the to-be-connected device, where thecredential information includes a password used by the to-be-connecteddevice and the group owner device to perform authentication (forexample, WPS authentication and/or a four-way handshake), uses thepassword as the first password, and sends the first password to thegroup owner device.

303′: The to-be-connected device scans for and discovers the group ownerdevice.

In this step of this embodiment, the to-be-connected device has theinformation about the group owner device, but the group owner devicedoes not have the information about the to-be-connected device.Therefore, mainly the to-be-connected device scans for and discovers thegroup owner device (sends a probe response to the group owner device),and finally the to-be-connected device and the group owner devicediscovers each other.

304′: The group owner device executes a process of WPS authenticationconfiguration on the to-be-connected device.

The first password may be used as an initial password for executing theprocess of WPS authentication configuration in this step, and after theWPS authentication configuration ends, a new password is obtained, wherethe new password is used for a four-way handshake in the following step305′. In addition, the first password may be directly used for thefour-way handshake in the following step 305′, and in this case, step304′ may be omitted.

305′: The group owner device and the to-be-connected device perform afour-way handshake, and after the four-way handshake is completed, thegroup owner device and the to-be-connected device successfully establisha connection.

Embodiment 3

FIG. 4 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 3 of the present disclosure. A differencebetween this embodiment and Embodiment 1 includes a group member deviceestablishes communication with a to-be-connected device by using astatic two-dimensional code. A case in which the group member deviceestablishes communication with the to-be-connected device by using a PINcode is basically the same as steps in this embodiment. However, the PINcode generally cannot be directly scanned, and needs to be manuallyinput, which is not separately described again.

Referring to FIG. 4, when a group member device of a wireless devicegroup scans a to-be-connected device, the method includes the followingsteps.

401: A group member device of a wireless device group scans a statictwo-dimensional code of a to-be-connected device. The statictwo-dimensional code includes a password and a hardware address, thatis, a MAC address, of the to-be-connected device.

402: The group member device scans for and discovers the to-be-connecteddevice according to information about the static two-dimensional code.

This step may also be replaced with the following manner. The groupmember device may also directly send the information about the statictwo-dimensional code to a group owner device, to enable the group ownerdevice to scan for and discover the to-be-connected device according tothe information about the static two-dimensional code, that is, performthe following step 406, so that the following steps 403, 404, and 405may be omitted. However, when the group member device establishescommunication with the to-be-connected device by using a PIN code, thisstep needs to be performed, and the following steps 403, 404, and 405cannot be omitted either.

403: The group member device transmits information about the group ownerdevice to the to-be-connected device.

404: The group member device obtains information about theto-be-connected device and then sends the information about theto-be-connected device (which corresponds to 404 a and 404 b in thefigure) to the group owner device.

405: The group member device enables the to-be-connected device and thegroup owner device to share a first password.

In this step, the group member device may extract a password from thestatic two-dimensional code as the first password, and send the firstpassword to the group owner device, or, the group member deviceexecutes, based on the password in the static two-dimensional code, aprocess of WPS authentication configuration on the to-be-connecteddevice, after WPS authentication configuration succeeds, sendscredential information to the to-be-connected device, where thecredential information includes a password used by the to-be-connecteddevice and the group owner device to perform authentication (forexample, WPS authentication and/or a four-way handshake), uses thepassword as the first password, and sends the first password to thegroup owner device.

406: The to-be-connected device scans for and discovers the group ownerdevice, or the group owner device scans for and discovers theto-be-connected device.

One of steps 403 and 404 may be selected to be performed, or both ofsteps 403 and 404 may be performed. When step 403 is selected to beperformed, step 406 is the to-be-connected device scans for anddiscovers the group owner device based on the information about thegroup owner device; when step 404 is selected to be performed, step 406is the group owner device scans for and discovers the to-be-connecteddevice based on the information about the to-be-connected device; whenboth of steps 403 and 406 are performed, because the to-be-connecteddevice and the group owner device already have the information abouteach other, step 406 may be omitted.

407: The group owner device executes a process of WPS authenticationconfiguration on the to-be-connected device.

The first password may be used as an initial password for executing theprocess of WPS authentication configuration in this step, and after theWPS authentication configuration ends, a new password is obtained, wherethe new password is used for a four-way handshake in the following step408. In addition, the first password may be directly used for thefour-way handshake in the following step 408, and in this case, step 407may be omitted.

408: The group owner device and the to-be-connected device perform afour-way handshake, and after the four-way handshake is completed, thegroup owner device and the to-be-connected device successfully establisha connection.

In another embodiment of the present disclosure, when a to-be-connecteddevice scans for a group member device of a wireless device group, themethod includes the following steps.

401′: A to-be-connected device scans a static two-dimensional code of agroup member device, where the static two-dimensional code includes ahardware address and a password of the group member device.

402′: The to-be-connected device scans for and discovers the groupmember device based on information about the static two-dimensional codeof the group member device.

403′: After the to-be-connected device scans for and discovers the groupmember device, the group member device obtains information about theto-be-connected device and then sends the information about theto-be-connected device to a group owner device.

404′: The group member device transmits information about the groupowner device to the to-be-connected device.

405′: The group member device enables the to-be-connected device and thegroup owner device to share a first password.

In this step, the group member device may use a password in the statictwo-dimensional code of the group member device as the first password,and send the first password to the group owner device, or, the groupmember device executes, based on the password in the statictwo-dimensional code of the group member device, a process of WPSauthentication configuration on the to-be-connected device, after WPSauthentication configuration succeeds, sends credential information tothe to-be-connected device, where the credential information includes apassword used by the to-be-connected device and the group owner deviceto perform authentication (for example, WPS authentication and/or afour-way handshake), uses the password as the first password, and sendsthe first password to the group owner device.

406′: The to-be-connected device scans for and discovers the group ownerdevice, or the group owner device scans for and discovers theto-be-connected device.

One of steps 403′ and 404′ may be selected to be performed, or both ofsteps 403′ and 404′ may be performed. When step 403′ is selected to beperformed, step 406′ is: the group owner device scans for and discoversthe to-be-connected device based on the information about theto-be-connected device; when step 404′ is selected to be performed, step406′ is: the to-be-connected device scans for and discovers the groupowner device based on the information about the group owner device; whenboth of steps 403′ and 404′ are performed, because the to-be-connecteddevice and the group owner device already have the information abouteach other, step 406′ may be omitted.

407′: The group owner device executes a process of WPS authenticationconfiguration on the to-be-connected device.

The first password may be used as an initial password for executing theprocess of WPS authentication configuration in this step, and after theWPS authentication configuration ends, a new password is obtained, wherethe new password is used for a four-way handshake in the following step408′. In addition, the first password may be directly used for thefour-way handshake in the following step 408′, and in this case, step407′ may be omitted.

408′: The group owner device and the to-be-connected device perform thefour-way handshake, and after the four-way handshake is completed, thegroup owner device and the to-be-connected device successfully establisha connection.

Embodiment 4

FIG. 5 is a sequence diagram of a method for establishing a connectionaccording to Embodiment 4 of the present disclosure. A differencebetween this embodiment and Embodiment 1 includes a to-be-connecteddevice shares a second password with at least one another group memberdevice, to prevent an intermediate device from learning a sharedpassword between the to-be-connected device and a group owner device andlaunching an attack, thereby improving communications security.

Referring to FIG. 5, the method includes the following steps.

500: A first group member device (which corresponds to a group memberdevice 1 in FIG. 5) transmits information about a group owner device toa to-be-connected device.

501: The first group member device obtains information about theto-be-connected device and then sends the information about theto-be-connected device (which corresponds to 501 a and 501 b in thefigure) to the group owner device of a wireless device group.

The foregoing step 500 and step 501 may not be both performed, but atleast one step is performed.

The to-be-connected device may establish a communication connection tothe first group member device in an NFC/short-distance WiFi manner, andperform step 500 and/or step 501 (refer to Embodiment 1 for details).Alternatively, the first group member device transmits the informationabout the group owner device to the to-be-connected device by using adynamic two-dimensional code pre-generated by the first group memberdevice (refer to Embodiment 2 for details). Alternatively, the firstgroup member device obtains the information about the to-be-connecteddevice by scanning a dynamic two-dimensional code pre-generated by theto-be-connected device (refer to Embodiment 2 for details).Alternatively, after scanning a static two-dimensional code or a PINcode of the to-be-connected device, the first group member deviceperforms scanning and discovery of the to-be-connected device, andperforms step 500 and/or step 501 (refer to Embodiment 3 for details).Alternatively, after scanning a static two-dimensional code or a PINcode of the first group member device, the to-be-connected deviceperforms scanning and discovery of the first group member device, andperforms step 500 and/or step 501 (refer to Embodiment 3 for details).

502: The first group member device enables the to-be-connected deviceand the group owner device to share a first password.

For a specific manner in which the first group member device enables theto-be-connected device and the group owner device to share the firstpassword, refer to the foregoing Embodiments 1 to 3.

503: A second group member device (which corresponds to a group memberdevice 2 in FIG. 5) enables the to-be-connected device and the groupowner device to share a second password.

When the second group member device communicates with theto-be-connected device in an NFC manner, the second group member devicemay enable the to-be-connected device and the group owner device toshare the second password in a manner similar to that in step 203 ofEmbodiment 1; when the second group member device establishescommunication with the to-be-connected device by using a statictwo-dimensional code, the second group member device may enable theto-be-connected device and the group owner device to share the secondpassword in a manner similar to that in step 405′ of Embodiment 3 afterthe to-be-connected device is scanned for and discovered. For a mannerin which the second group member device enables the to-be-connecteddevice and the group owner device to share the second password, refer toany manner in which the group member device enables the to-be-connecteddevice and the group owner device to share the first password inEmbodiments 1 to 3, and details are not described herein again. Inaddition, the second group member device may not transmit theinformation about the group owner device to the to-be-connected deviceor send the information about the to-be-connected device to the groupowner device.

After the foregoing steps are performed, the to-be-connected device andthe group owner device have two passwords each, that is, the firstpassword and the second password, and a password shared by theto-be-connected device and the group owner device is generated based onthe first password and the second password. For example, the firstpassword and the second password are spliced to generate the passwordshared by the to-be-connected device and the group owner device, orcorresponding conversion is performed on the first password and thesecond password by using a predetermined algorithm to obtain thepassword shared by the to-be-connected device and the group ownerdevice. However, the first group member device and the second groupmember device only know one of the passwords, and therefore it isdifficult to learn the password shared by the to-be-connected device andthe group owner device, thereby improving communications security.

504: The to-be-connected device scans for and discovers the group ownerdevice.

505: The group owner device executes a process of WPS authentication onthe to-be-connected device.

The first password and the second password may be used as initialpasswords for executing the process of WPS authentication configurationin this step, and after the WPS authentication configuration ends, a newpassword is obtained, where the new password is used for a four-wayhandshake in the following step 506. In addition, the first password andthe second password may be directly used for the four-way handshake inthe following step 506, and in this case, step 505 may be omitted.

506: The group owner device and the to-be-connected device perform afour-way handshake, and after the four-way handshake is completed, thegroup owner device and the to-be-connected device successfully establisha connection.

In addition, when the to-be-connected device shares more passwords withthe group owner device by using more group member devices, for example,three group member devices, communications security between theto-be-connected device and the group owner device becomes higher, animplementation manner thereof is similar to that in the foregoing steps,and is not described again.

Embodiment 5

FIG. 6 is a schematic structural diagram of modules of a device forestablishing a connection according to Embodiment 5 of the presentdisclosure. The device in this embodiment is a group member deviceselected by a to-be-connected device to establish a connection to agroup owner device, that is, a proxy device. As shown in FIG. 6, theproxy device 600 includes an information transmission unit 610 and apassword sharing unit 620.

The information transmission unit 610 is configured to obtaininformation about a to-be-connected device and then send the informationabout the to-be-connected device to a group owner device of a wirelessdevice group, and/or transmit information about the group owner deviceto the to-be-connected device, where the information about theto-be-connected device and/or the information about the group ownerdevice is used by the to-be-connected device and the group owner deviceto discover each other.

The password sharing unit 620 is configured to enable theto-be-connected device and the group owner device to share a firstpassword, where the first password is used by the to-be-connected deviceand the group owner device to establish a connection after theto-be-connected device and the group owner device discover each other.

Embodiment 6

This embodiment is described based on Embodiment 5.

The information transmission unit 610 is configured to establish, in ashort-distance communication manner, a communication connection to theto-be-connected device, based on the communication connection, theinformation transmission unit obtains the information about theto-be-connected device and then sends the information about theto-be-connected device to the group owner device, and/or transmit theinformation about the group owner device to the to-be-connected device.

The password sharing unit 620 is configured to, based on thecommunication connection, obtain a password of the to-be-connecteddevice as the first password, and send the first password to the groupowner device, or, based on the communication connection, use a passwordshared by the password sharing unit 620 and the group owner device asthe first password, and send the first password to the to-be-connecteddevice, and further optionally, the password sharing unit 620 may sendthe first password to the group owner device, or, based on thecommunication connection, execute a process of WPS authenticationconfiguration on the to-be-connected device, after WPS authenticationconfiguration succeeds, send credential information to theto-be-connected device, where the credential information includes thefirst password, and send the first password to the group owner device.

Referring to FIG. 7, optionally, the proxy device 600 may furtherinclude a hash authentication unit 630.

The hash authentication unit 630 is configured to, during the process ofWPS authentication configuration, generate a public key and a public keyhash value of the group member device, send the public key and thepublic key hash value of the group member device to the to-be-connecteddevice, receive a notification of a hash authentication result obtainedaccording to the public key and the public key hash value of the groupmember device by the to-be-connected device, and if hash authenticationsucceeds, instruct the password sharing unit to send the first passwordto the group owner device; or, the hash authentication unit 630 isconfigured to receive a public key and a public key hash value of theto-be-connected device that are generated by the to-be-connected deviceduring the process of WPS authentication configuration, perform hashauthentication according to the public key and the public key hash valueof the to-be-connected device, and if hash authentication succeeds,instruct the password sharing unit to send the first password to thegroup owner device.

Embodiment 7

This embodiment is described based on Embodiment 5.

The information transmission unit 610 is configured to obtain, byscanning a dynamic two-dimensional code pre-generated by theto-be-connected device, the information about the to-be-connected deviceand a dynamic password of the to-be-connected device, and send theinformation about the to-be-connected device to the group owner deviceof the wireless device group.

The password sharing unit 620 is configured to send the dynamic passwordas the first password to the group owner device, or, execute a processof WPS authentication configuration on the to-be-connected device basedon the dynamic password, after WPS authentication configurationsucceeds, send credential information to the to-be-connected device,where the credential information includes the first password, and sendthe first password to the group owner device.

Embodiment 8

This embodiment is described based on Embodiment 5.

The information transmission unit 610 is configured to pre-generate adynamic two-dimensional code to be scanned by the to-be-connecteddevice, where the dynamic two-dimensional code includes the informationabout the group owner device and a dynamic password, and transmit theinformation about the group owner device to the to-be-connected device;and the password sharing unit 620 is configured to send the dynamicpassword as the first password to the group owner device, or, execute,based on the dynamic password, a process of WPS authenticationconfiguration on the to-be-connected device, after WPS authenticationconfiguration succeeds, send credential information to theto-be-connected device, where the credential information includes thefirst password, and send the first password to the group owner device.

Embodiment 9

This embodiment is described based on Embodiment 5.

The information transmission unit 610 is configured to collect a statictwo-dimensional code or a PIN code of the to-be-connected device, scanfor and discover the to-be-connected device according to informationabout the static two-dimensional code or the PIN code, obtain theinformation about the to-be-connected device and then send theinformation about the to-be-connected device to the group owner device,and/or transmit the information about the group owner device to theto-be-connected device.

The password sharing unit 620 is configured to extract a password fromthe static two-dimensional code or the PIN code as the first password,and send the first password to the group owner device, or, execute,based on the password, a process of WPS authentication configuration onthe to-be-connected device, after WPS authentication configurationsucceeds, send credential information to the to-be-connected device,where the credential information includes the first password, and sendthe first password to the group owner device.

In addition, when information is transmitted by using a statictwo-dimensional code, the information transmission unit 610 may befurther configured to collect the static two-dimensional code of theto-be-connected device, obtain the information about the to-be-connecteddevice from the static two-dimensional code of the to-be-connecteddevice and then send the information about the to-be-connected device tothe group owner device, so that the group owner device scans for anddiscovers the to-be-connected device according to information about thestatic two-dimensional code.

Embodiment 10

This embodiment is described based on Embodiment 5.

The information transmission unit 610 is configured to enable theto-be-connected device to scan for and discover a proxy device bycollecting, by the to-be-connected device, a static two-dimensional codeor a PIN code of the proxy device, and after the to-be-connected devicescans for and discovers the proxy device, obtain the information aboutthe to-be-connected device and then send the information about theto-be-connected device to the group owner device, and/or transmit theinformation about the group owner device to the to-be-connected device.

The password sharing unit 620 is configured to use a password in thestatic two-dimensional code or the PIN code as the first password, andsend the first password to the group owner device, or, execute, based onthe password, a process of WPS authentication configuration on theto-be-connected device, after WPS authentication configuration succeeds,send credential information to the to-be-connected device, where thecredential information includes the first password, and send the firstpassword to the group owner device.

Embodiment 11

FIG. 8 is a flowchart of a method for establishing a connectionaccording to Embodiment 11 of the present disclosure. As shown in FIG.8, the method is executed by a to-be-connected device, and the methodincludes the following steps.

810: The to-be-connected device sends information about theto-be-connected device to a group owner device of a wireless devicegroup by using a group member device of the wireless device group,and/or the to-be-connected device obtains information about the groupowner device by using the group member device, where the informationabout the to-be-connected device and/or the information about the groupowner device is used by the to-be-connected device and the group ownerdevice to discover each other.

The to-be-connected device sends the information about theto-be-connected device to the group owner device of the wireless devicegroup by using the group member device of the wireless device group,and/or the to-be-connected device obtains the information about thegroup owner device by using the group member device. For the specificexecution manner, refer to the foregoing Embodiments 1 to 4, and detailsare not described again.

820: The to-be-connected device shares a first password with the groupowner device by using the group member device, where the first passwordis used by the to-be-connected device and the group owner device toestablish a connection after the to-be-connected device and the groupowner device discover each other.

The to-be-connected device shares the first password with the groupowner device by using the group member device. For the specificexecution manner, refer to the foregoing Embodiments 1 to 4, and detailsare not described again.

Embodiment 12

FIG. 9 is a schematic structural diagram of modules of a device forestablishing a connection according to Embodiment 12 of the presentdisclosure. The device in this embodiment is a to-be-connected device,and as shown in FIG. 9, the to-be-connected device 900 includes acommunications unit 910 and a password sharing unit 920.

The communications unit 910 is configured to send information about thecommunications unit 910 to a group owner device of a wireless devicegroup by using a group member device of the wireless device group,and/or obtain information about the group owner device by using thegroup member device, where information about the to-be-connected deviceand/or the information about the group owner device is used by theto-be-connected device 900 and the group owner device to discover eachother.

The password sharing unit 920 is configured to share a first passwordwith the group owner device by using the group member device, where thefirst password is used by the to-be-connected device 900 and the groupowner device to establish a connection after the to-be-connected deviceand the group owner device discover each other. The communications unit910 may be configured to establish, in a short-distance communicationmanner, a communication connection to the group member device, based onthe communication connection, send information about the communicationsunit 910 to the group owner device by using the group member device,and/or obtain the information about the group owner device by using thegroup member device.

The password sharing unit 920 may be further configured to, based on thecommunication connection, send a password of the password sharing unit920 as the first password to the group owner device by using the groupmember device, or, based on the communication connection, receive apassword shared by the group member device and the group owner deviceand sent by the group member device, and use the received password asthe first password, or, based on the communication connection, execute aprocess of WPS authentication configuration on the group member device,and after WPS authentication configuration succeeds, receive credentialinformation sent by the group member device, where the credentialinformation includes the first password, where the first password isfurther sent by the group member device to the group owner device.

In addition, the password sharing unit 920 is further configured toshare a second password with the group owner device by using at leastone another group member device, where the first password and the secondpassword are both used as passwords required by the to-be-connecteddevice and the group owner device to execute a process of WPSauthentication configuration, or, the first password and the secondpassword are both used as passwords required by the to-be-connecteddevice and the group owner device to execute a process of handshakecommunication.

A proxy device for establishing a connection provided by the embodimentsof the present disclosure may be implemented based on a computer system,and the methods shown in FIG. 1, FIG. 2, FIG. 3, FIG. 4, and FIG. 5 mayall be implemented by the proxy device that is based on the computersystem. FIG. 10 shows an embodiment of a proxy device that isimplemented based on a computer system. The proxy device in thisembodiment may include a processor 1010, a memory 1020, and acommunications interface 1030, where the communications interface 1030is configured to communicate with a to-be-connected device and a groupowner device. The communications interface 1030 may be configured toreceive information about the to-be-connected device that is sent by theto-be-connected device, send information about the group owner device tothe to-be-connected device, or send the information about theto-be-connected device and the first password to the group owner device.

The memory 1020 is configured to store a program instruction, theinformation about the group owner device, and the like.

The processor 1010 is configured to invoke the program instructionstored in the memory 1020, and perform the steps in the foregoing methodembodiments. For details, refer to the foregoing method embodiments,such as Embodiments 1, 2, 3, and 4.

The processor 1010 may be a central processing unit (CPU), anapplication-specific integrated circuit (ASIC), and the like. The proxydevice in this embodiment may include a bus 1040. The processor 1010,the memory 1020, and the communications interface 1030 may be connectedto and communicate with each other by using the bus 1040. The memory1020 may include an entity with a storage function, such as a randomaccess memory (RAM), a read-only memory (ROM), or a magnetic disk.

A to-be-connected device for establishing a connection provided by theembodiments of the present disclosure may be implemented based on acomputer system, and the method shown in FIG. 8 may be implemented bythe to-be-connected device based on the computer system. FIG. 11 showsan embodiment of a to-be-connected device that is implemented based on acomputer system. The to-be-connected device in this embodiment mayinclude a processor 1110, a memory 1120, and a communications interface1130, where the communications interface 1130 is configured tocommunicate with a group member device and a group owner device.Messages for a to-be-connected device and the group owner device tointeract with the group member device (as shown in FIG. 8 of the methodembodiment) are all sent and received through the communicationsinterface 1130. The communications interface 1130 may be configured toreceive information about the group owner device and a password that aresent by the group member device, or send information about theto-be-connected device to the group member device.

The memory 1120 is configured to store a program instruction.

The processor 1110 is configured to invoke the program instructionstored in the memory 1120, and perform the steps in the foregoing methodembodiments. For details, refer to the foregoing method Embodiment 11.

The processor 1110 may be a CPU, an ASIC, and the like. Theto-be-connected device in this embodiment may include a bus 1140. Theprocessor 1110, the memory 1120, and the communications interface 1130may be connected to and communicate with each other by using the bus1140. The memory 1120 may include an entity with a storage function,such as a RAM, a ROM, or a magnetic disk.

According to the method and the device for establishing a connection inthe embodiments of the present disclosure, a group member device of awireless device group obtains information about a to-be-connected deviceand then sends the information about the to-be-connected device to agroup owner device of the wireless device group, and/or the group memberdevice transmits information about the group owner device to theto-be-connected device, where the information about the to-be-connecteddevice and/or the information about the group owner device is used bythe to-be-connected device and the group owner device to discover eachother, and the group member device enables the to-be-connected deviceand the group owner device to share a first password, where the firstpassword is used by the to-be-connected device and the group ownerdevice to establish a connection after the to-be-connected device andthe group owner device discover each other, so that the to-be-connecteddevice and the group owner device more quickly complete a discovery andauthentication process, which simplifies an operating procedure ofconnecting a new device to an established wireless device group, therebyimproving connection efficiency.

In addition, for an existing security issue, the embodiments provided bythe present disclosure include setting a key shared between the groupmember device and the to-be-connected device to a public key in a publicand private key system, and generating, by the two parties based on thepublic key, a shared key, and using the shared key as the firstpassword. If a device inside a group launches an attack, because thedevice inside the group can obtain only the public key, and a privatekey is stored by the device and not sent, an attacker cannot generatethe shared key, cannot implement eavesdropping and a man-in-the-middleattack, and therefore cannot obtain privacy information between thegroup member device and the to-be-connected device, or attackcommunication between the to-be-connected device and the group ownerdevice. Therefore, after the group member device and the to-be-connecteddevice securely share the key, the to-be-connected device and the groupowner device are securely connected to each other.

A person of ordinary skill in the art may understand that, each aspectof the present disclosure or a possible implementation manner of eachaspect may be implemented as a system, a method, or a computer programproduct. Therefore, each aspect of the present disclosure or a possibleimplementation manner of each aspect may use forms of hardware onlyembodiments, software only embodiments (including firmware, residentsoftware, and the like), or forms of embodiments that combine softwareand hardware, which are generally referred to as a “circuit”, a“module”, or a “system” herein. In addition, each aspect of the presentdisclosure or the possible implementation manner of each aspect may takea form of a computer program product, where the computer program productrefers to computer-readable program code stored in a computer-readablemedium.

The computer-readable medium may be a computer-readable signal medium ora computer-readable storage medium. The computer-readable storage mediumincludes, but is not limited to, an electronic, magnetic, optical,electromagnetic, infrared, or semiconductor system, device, orapparatus, or any appropriate combination thereof, such as a RAM, a ROM,an erasable programmable read-only memory (EPROM or flash memory), anoptical fiber, and a compact disc read-only memory (CD-ROM).

A processor in a computer reads computer-readable program code stored ina computer-readable medium, so that the processor can perform a functionand an action specified in each step or a combination of steps in aflowchart; an apparatus is generated to implement a function and anaction specified in each block or a combination of blocks in a blockdiagram.

All computer-readable program code may be executed on a computer of auser, or some may be executed as a standalone software package on acomputer of a user, or some may be executed on a computer of a userwhile some is executed on a remote computer, or all the code may beexecuted on a remote computer or a server. It should also be noted that,in some alternative implementation solutions, each step in theflowcharts or functions specified in each block in the block diagramsmay not occur in the illustrated order. For example, two consecutivesteps or two blocks in the illustration, which are dependent on aninvolved function, may in fact be executed substantially at the sametime, or these blocks may sometimes be executed in a reverse order.

Obviously, a person skilled in the art can make various modificationsand variations to the present disclosure without departing from thespirit and scope of the present disclosure. The present disclosure isintended to cover these modifications and variations provided that thesemodifications and variations of the present disclosure fall within thescope of scope defined by the following claims of the present disclosureand their equivalent technologies.

What is claimed is:
 1. A method for establishing a connection,comprising: establishing, by a group member device of a wireless devicegroup, a wireless connection with a group owner device of the wirelessdevice group; obtaining, by the group member device of the wirelessdevice group via a communication connection to a to-be-connected device,information about the to-be-connected device after establishing thewireless connection with the group owner device; sending, by the groupmember device, the information about the to-be-connected device to thegroup owner device after obtaining the information about theto-be-connected device; transmitting, by the group member device, apre-generated dynamic two-dimensional (2D) code to the to-be-connecteddevice, wherein the pre-generated dynamic 2D code comprises informationabout the group owner device, and wherein the dynamic 2D code isconfigured to be scanned by the to-be-connected device; and enabling, bythe group member device, the to-be-connected device and the group ownerdevice to share a first password comprising: obtaining, by the groupmember device, a password from the dynamic 2D code, wherein the passwordis shared by the group member device and the group owner device as thefirst password based on the communication connection; executing, by thegroup member device, a process of authentication configuration on theto-be-connected device based on the communication connection; after theauthentication configuration succeeds, sending, by the group memberdevice, the first password to the to-be-connected device, wherein thefirst password is used by the to-be-connected device and the group ownerdevice to establish a communication connection with each other after theto-be-connected device and the group owner device discover each other;and sending the first password to the group owner device.
 2. The methodof claim 1, wherein the method further comprises establishing, by thegroup member device in a short-distance communication manner, thecommunication connection to the to-be-connected device, wherein thegroup owner device is a central node device of the wireless devicegroup.
 3. The method of claim 1, further comprising: obtaining, by thegroup member device of the wireless device group, the information aboutthe to-be-connected device by scanning the dynamic 2D code of theto-be-connected device; or collecting, by the group member device, apersonal identification number (PIN) code of the to-be-connected device,scanning for and discovering, according to information about the PINcode of the to-be-connected device, and then obtaining the informationabout the to-be-connected device; or obtaining, by the group memberdevice, the information about the to-be-connected device after theto-be-connected device obtains the dynamic 2D code comprising theinformation about the group owner device or a PIN code of the groupmember device, and after the group member device is scanned for anddiscovered based on the dynamic 2D code or the PIN code.
 4. The methodof claim 3, further comprising: extracting, by the group member device,a password from the dynamic 2D code comprising the information about thegroup owner device or the PIN code of the group member device, andsending the password as the first password to the group owner device; orextracting, by the group member device, the password from the dynamic 2Dcode or the PIN code of the to-be-connected device or the group memberdevice, and after the authentication configuration is successful,sending credential information to the to-be-connected device, whereinthe credential information comprises the first password, and sending thefirst password to the group owner device.
 5. The method of claim 1,further comprising: receiving, by the to-be-connected device, a static2D code of the group member device or a PIN code of the group memberdevice, to permit the to-be-connected device to scan for and discoverthe group member device based on the static 2D code of the group memberdevice or the PIN code of the group member device; and transmitting, bythe group member device, the information about the group owner device tothe to-be-connected device after permitting the to-be-connected deviceto scan for and discover the group member device.
 6. The method of claim5, wherein the dynamic 2D code comprising the information about thegroup owner device further comprises a dynamic password, whereinenabling the to-be-connected device and the group owner device to sharea first password comprises: sending, by the group member device, thedynamic password as the first password to the group owner device whenthe dynamic password is a dynamic key generated by the group memberdevice; or executing, based on the dynamic password, by the group memberdevice, a process of authentication configuration on the to-be-connecteddevice when the dynamic password is the dynamic key generated by thegroup member device, and after the authentication configuration issuccessful, sending, by the group member device, credential informationto the to-be-connected device, wherein the credential informationcomprises the first password, and sending the first password to thegroup owner device; or using the dynamic password as the first passwordwhen the dynamic password is a password generated by the group ownerdevice; or performing, by the to-be-connected device and the group ownerdevice, the authentication configuration based on the dynamic password,to obtain a shared key as the first password when the dynamic passwordis the password generated by the group owner device.
 7. A method forestablishing a connection, comprising: sending, by a to-be-connecteddevice, information about the to-be-connected device to a group ownerdevice of a wireless device group based on a communication connection byusing a group member device of the wireless device group; obtaining, bythe to-be-connected device, information about the group owner devicefrom the group member device, comprising: establishing, by theto-be-connected device in a short-distance communication manner, acommunication connection to the group member device; receiving, by theto-be-connected device, a pre-generated dynamic two-dimensional (2D)code comprising the information about the group owner device from thegroup member device; scanning, by the to-be-connected device, thedynamic 2D code comprising the information about the group owner deviceafter receiving the dynamic 2D code comprising the information about thegroup owner device; and sharing, by the to-be-connected device, a firstpassword with the group owner device by using the group member device,wherein the first password is either based on a password that is sharedbetween the group owner device and the group member device according tothe communication connection or based on credential information that isreceived from the group member device after a process of authenticationconfiguration between the to-be-connected device and the group memberdevice is successful, and wherein the first password is used by theto-be-connected device and the group owner device to establish aconnection with the group owner device after the to-be-connected deviceand the group owner device discover each other.
 8. The method of claim7, wherein the method further comprises: sending, by the to-be-connecteddevice, the information about the to-be-connected device to the groupowner device by using the group member device based on the communicationconnection; and obtaining, by the to-be-connected device, theinformation about the group owner device by using the group memberdevice.
 9. A group member device for establishing a connection,comprising: a memory comprising instructions; a communications interfacecoupled to the memory; and a computer processor coupled to the memory,wherein the instructions cause the computer processor to be configuredto: establish a communication connection with a group owner device of awireless device group; obtain information about a to-be-connected deviceafter establishing the communication connection with the group ownerdevice; send the information about the to-be-connected device to thegroup owner device of the wireless device group after obtaining theinformation about the to-be-connected device; transmit a pre-generateddynamic two-dimensional (2D) code to the to-be-connected device, whereinthe dynamic 2D code comprises information about the group owner device,and wherein the dynamic 2D code is configured to be scanned by theto-be-connected device; enable the to-be-connected device and the groupowner device to share a first password comprising: obtain a passwordfrom the dynamic 2D code, wherein the password is shared between thegroup member device and the group owner device as the first passwordbased on the communication connection; execute a process ofauthentication configuration on the to-be-connected device based on thecommunication connection; after the authentication configurationsucceeds, send the first password to the to-be-connected device, whereinthe first password is used by the to-be-connected device and the groupowner device to establish a communication connection after theto-be-connected device and the group owner device discover each other;and send the first password to the group owner device.
 10. The groupmember device of claim 9, wherein the instructions further cause thecomputer processor to be configured to: establish, in a short-distancecommunication manner, a wireless connection to the to-be-connecteddevice, based on the communication connection; obtain the informationabout the to-be-connected device; and send the information about theto-be-connected device to the group owner device.
 11. The group memberdevice of claim 9, wherein the instructions further cause the computerprocessor to be configured to: obtain the information about theto-be-connected device by scanning a dynamic 2D code of theto-be-connected device and then send the information about theto-be-connected device to the group owner device of the wireless devicegroup; or collect a personal identification number (PIN) code of theto-be-connected device, scan for and discover the to-be-connected deviceaccording to information about the PIN code, obtain the informationabout the to-be-connected device, and send the information about theto-be-connected device to the group owner device of the wireless devicegroup.
 12. The group member device of claim 11, wherein the instructionsfurther cause the computer processor to be configured to: extract thepassword from the dynamic 2D code comprising the information about thegroup owner device or the PIN code of the group member device, and sendthe password as the first password to the group owner device; or extractthe password from the 2D code comprising the information about the groupowner device or the PIN code of the group member device, execute, basedon the password, a process of authentication configuration on theto-be-connected device, after the authentication configuration issuccessful, send credential information to the to-be-connected device,the credential information comprising the first password, and send thefirst password to the group owner device.
 13. The group member device ofclaim 9, wherein the instructions further cause the computer processorto be configured to: transmit a static 2D code of the group memberdevice or a PIN code of the group member device, and permit theto-be-connected device to scan for and discover, based on the static 2Dcode or the PIN code, the group member device; and after discovering thegroup member device, transmit the information about the group ownerdevice to the to-be-connected device.
 14. The group member deviceaccording to claim 13, wherein the dynamic 2D code comprising theinformation about the group owner device further comprises a dynamicpassword, and wherein the instructions further cause the computerprocessor to be configured to: send the dynamic password as the firstpassword to the group owner device, wherein the dynamic password is adynamic key generated by the group member device; or execute, based onthe dynamic password, a process of authentication configuration on theto-be-connected device, after the authentication configuration issuccessful, send credential information to the to-be-connected device,wherein the credential information comprises the first password, andsend the first password to the group owner device, wherein the dynamicpassword is a dynamic key generated by the group member device; or usethe dynamic password as the first password when the dynamic password isa password generated by the group owner device; or enable theto-be-connected device and the group owner device to perform theauthentication configuration based on the dynamic password, to obtain ashared key as the first password when the dynamic password is thepassword generated by the group owner device.
 15. A to-be-connecteddevice for establishing a connection, comprising: a memory comprisinginstructions; a communications interface coupled to the memory; and acomputer processor coupled to the memory, wherein the instructions causethe computer processor to be configured to: send information about theto-be-connected device to a group owner device of a wireless devicegroup by using a group member device of the wireless device group;obtain information about the group owner device by using the groupmember device, comprising: establish in a short-distance communicationmanner a communication connection to the group member device; receive apre-generated dynamic two-dimensional (2D) code comprising theinformation about the group owner device from the group member device;and scan the dynamic 2D code comprising the information about the groupowner device after receiving the dynamic 2D code comprising theinformation about the group owner device; and share a first passwordfrom the group member device by using the group member device, whereinthe first password is either based on a password that is shared betweenthe group owner device and the group member device based on acommunication connection or is based on credential information that isreceived from the group member device after a process of authenticationconfiguration by the to-be-connected device on the group member deviceis successful, and wherein the first password is used by theto-be-connected device to establish a communication connection with thegroup owner device after the to-be-connected device and the group ownerdevice discover each other.
 16. The to-be-connected device of claim 15,wherein the instructions further cause the computer processor to beconfigured to: send information about the computer processor to thegroup owner device by using the group member device; and obtain theinformation about the group owner device by using the group memberdevice.
 17. The to-be-connected device of claim 15, wherein theinstructions further cause the computer processor to be configured to:provide a dynamic 2D code of the to-be-connected device that isconfigured to be used the group member device of the wireless devicegroup to obtain the information about the to-be-connected device; orprovide a personal identification number (PIN) code of theto-be-connected device that is configured to be used the group memberdevice to obtain the information about the to-be-connected device afterscanning for and discovering the to-be-connected device according toinformation about the PIN code; or receive a second dynamic 2D code ofthe group member device or a second PIN code of the group member device,scan for and discover the group member device based on the seconddynamic 2D code of the group member device or the second PIN code of thegroup member device.
 18. The to-be-connected device of claim 17, whereinthe instructions further cause the computer processor to be configuredto: extract the password from the dynamic 2D code comprising theinformation about the group owner device or the PIN code of theto-be-connected device by using the group member device, and send thepassword as the first password to the group owner device by using thegroup member device; or extract a password from the dynamic 2D codecomprising the information about the group owner device or the PIN codeof the to-be-connected device by using the group member device, execute,based on the password, a process of authentication configuration on theto-be-connected device by using the group member device, after theauthentication configuration is successful, receive credentialinformation from the group member device, wherein the credentialinformation comprises the first password, and send the first password tothe group owner device by using the group member device.
 19. Theto-be-connected device of claim 15, wherein the dynamic 2D codecomprising the information about the group owner device furthercomprises a dynamic password, and wherein the instructions further causethe computer processor to be configured to: send the dynamic password asthe first password to the group owner device by using the group memberdevice when the dynamic password is a dynamic key generated by the groupmember device; or execute, based on the dynamic password, a process ofauthentication configuration on the to-be-connected device by using thegroup member device when the dynamic password is the dynamic keygenerated by the group member device, after the authenticationconfiguration is successful, receive credential information from thegroup member device, wherein the credential information comprises thefirst password, and send the first password to the group owner device byusing the group member device; or use the dynamic password as the firstpassword when the dynamic password is a password generated by the groupowner device; or enable the to-be-connected device and the group ownerdevice to perform the authentication configuration based on the dynamicpassword, to obtain a shared key as the first password when the dynamicpassword is the password generated by the group owner device.